Security Resources

What Is an Open Redirection Vulnerability and How to Prevent it?

This type of vulnerability can lead to phishing attacks and all kinds of nasty not niceness. Read on to see how to prevent it.

January 8, 2018

by Sven Morgenroth

· 94,539 Views · 2 Likes

Why Enabling SHA256 Support for XML Signatures Breaks JWT Signing

A developer describes a bug he ran into while trying to add authentication protocols to an application. Read on to see how he got around it!

January 8, 2018

by Anders Abel

· 6,810 Views · 1 Like

7 Things to Know for Getting Started With Spring Boot

Just getting into Spring Boot? Then check out this post for a helping hand in understanding Spring Boot's architecture and functionality.

January 6, 2018

by Ranga Karanam

· 238,954 Views · 70 Likes

Single-Responsibility Principle Done Right

When adhering to the SOLID programming principles, Single Responsibility can be a bit tricky. Find out why and how to better understand this oft-misunderstood concept.

January 3, 2018

by Riccardo Cardin

· 29,471 Views · 40 Likes

Fun With Mendelson: Automating Your AS2 Workflows

See how you can integrate Mendelson AS2, one of the more the widely used AS2 clients, into your testing cycles and automate it to perform AS2 operations.

January 2, 2018

by Janaka Bandara

· 9,729 Views · 4 Likes

18 Non-Corny Teamwork Quotes You'll Actually Like [Graphics]

Together Everyone Achieves More and its aged ilk are probably plastered somewhere on your company's wall. Try this refresh for the new year.

December 30, 2017

by Natalie Mendes

· 23,649 Views · 3 Likes

OAuth Dances With Mule External Provider

Learn about the OAuth 2 framework and the grant types it uses to interact with Mule by creating and testing an API that uses Mule External Provider.

December 30, 2017

by NAGG Kshatriya

· 11,854 Views · 2 Likes

OWASP Dependency-Check Maven Plugin: A Must-Have

Though it's tough, this developer admits he hadn't heard of this plugin until recently. If you're in the same boat, read to get an overview of this great security tool.

December 30, 2017

by Bozhidar Bozhanov

· 19,443 Views · 5 Likes

About Dependency Injection

Still wrapping your head around DI? Let's explore the philosophy and functionality behind it, then see how Guice, or any other such framework, can help.

December 29, 2017

by Ioan Tinca

· 26,812 Views · 17 Likes

Securing Your Inline SQL Statements From SQL Injection

Shifting security left, and using secure coding standards, is becoming more and more important. Read on to get a great introduction to this topic!

December 29, 2017

by Jennifer Marsh

· 9,725 Views · 3 Likes

OTP (One Time Password) Using Spring Boot and Guava

Read on to learn how to add One Time Password authentication to your web application using Spring Boot and Google's Guava library.

December 28, 2017

by Shrisowdhaman Selvaraj

· 125,978 Views · 23 Likes

IoC vs. DI

Some people use the terms Inversion of Control and Dependency Injection interchangeably. Let's see how they're different and how they can work together.

December 27, 2017

by Francisco Alvarez

· 142,504 Views · 106 Likes

Authentication Provider Best Practices: Centralized Login

Centralized login protocols are easier to implement and maintain, and are better for the user, while creating a more secure authentication process.

December 25, 2017

by Kim Maida

· 13,782 Views · 1 Like

Multi-Release JARs: Good or Bad Idea?

The folks at Gradle feel that Java 9's multi-release JARs are a poor solution to a real problem for library designers. See how to create an MRJAR and why you shouldn't.

December 23, 2017

by Cédric Champeau

· 20,457 Views · 16 Likes

Row Level Security in Hibernate Using @Filter

Learn how to give certain people permission to view certain parts of your database, and thus increase your database's security.

December 20, 2017

by Ali Akbar Azizkhani

· 22,769 Views · 12 Likes

Check out this great article on to learn how to create authentication and authorization protocols in your web application using ASP.NET.

December 19, 2017

by Kelvin Santos Amorim

· 45,121 Views · 4 Likes

SAML-Based SSO With Azure AD B2C as an IDP

While signing on might not be the most fun thing for users, for devs, it's a critical part of the process of application security.

December 18, 2017

by Shanky Munjal

· 16,859 Views · 3 Likes

Reactive Streams With Spring Data Cassandra

Using Cassandra and also want to incorporate Reactive Streams into your program? Here's how you can do it with Spring Data Cassandra.

Updated December 14, 2017

by Dan Newton

· 26,980 Views · 10 Likes

Spring 5, Embedded Tomcat 8, and Gradle

Learn how to use Gradle to structure a Spring 5 project with Tomcat 8 embedded inside. See how to bootstrap Spring 5, support JSON content, and more!

December 9, 2017

by Bruno Krebs

· 34,467 Views · 19 Likes

How to Improve OAuth Security With HMAC Validation

We explain a type of attack that's possible to carry out on systems using OAuth and how to mitigate them using keyed-Hash Message Authentication Code Validation.

December 5, 2017

by Lahiru Sandaruwan

· 9,445 Views · 3 Likes

The Latest Security Topics